projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Bluetooth: Remove unused function
[linux-block.git] / net / bluetooth / hci_conn.c
CommitLineData
8e87d142 1/*
1da177e4 2 BlueZ - Bluetooth protocol stack for Linux
2d0a0346 3 Copyright (c) 2000-2001, 2010, Code Aurora Forum. All rights reserved.
1da177e4
LT		 4
5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License version 2 as
9 published by the Free Software Foundation;
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
8e87d142
YH		 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
1da177e4
LT		 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
8e87d142
YH		 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
1da177e4
LT		 22 SOFTWARE IS DISCLAIMED.
23*/
24
25/* Bluetooth HCI connection handling. */
26
8c520a59 27#include <linux/export.h>
1da177e4
LT		 28
29#include <net/bluetooth/bluetooth.h>
30#include <net/bluetooth/hci_core.h>
31
ac4b7236 32#include "smp.h"
7024728e
MH		 33#include "a2mp.h"
34
2dea632f
FD		 35struct sco_param {
36 u16 pkt_type;
37 u16 max_latency;
38};
39
40static const struct sco_param sco_param_cvsd[] = {
41 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x000a }, /* S3 */
42 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x0007 }, /* S2 */
43 { EDR_ESCO_MASK | ESCO_EV3, 0x0007 }, /* S1 */
44 { EDR_ESCO_MASK | ESCO_HV3, 0xffff }, /* D1 */
45 { EDR_ESCO_MASK | ESCO_HV1, 0xffff }, /* D0 */
46};
47
48static const struct sco_param sco_param_wideband[] = {
49 { EDR_ESCO_MASK & ~ESCO_2EV3, 0x000d }, /* T2 */
50 { EDR_ESCO_MASK | ESCO_EV3, 0x0008 }, /* T1 */
51};
52
1aef8669 53static void hci_le_create_connection_cancel(struct hci_conn *conn)
fcd89c09
VT		 54{
55 hci_send_cmd(conn->hdev, HCI_OP_LE_CREATE_CONN_CANCEL, 0, NULL);
56}
57
1aef8669 58static void hci_acl_create_connection(struct hci_conn *conn)
1da177e4
LT		 59{
60 struct hci_dev *hdev = conn->hdev;
61 struct inquiry_entry *ie;
62 struct hci_cp_create_conn cp;
63
42d2d87c 64 BT_DBG("hcon %p", conn);
1da177e4
LT		 65
66 conn->state = BT_CONNECT;
a0c808b3 67 conn->out = true;
a8746417 68
1da177e4
LT		 69 conn->link_mode = HCI_LM_MASTER;
70
4c67bc74
MH		 71 conn->attempt++;
72
e4e8e37c
MH		 73 conn->link_policy = hdev->link_policy;
74
1da177e4
LT		 75 memset(&cp, 0, sizeof(cp));
76 bacpy(&cp.bdaddr, &conn->dst);
77 cp.pscan_rep_mode = 0x02;
78
70f23020
AE		 79 ie = hci_inquiry_cache_lookup(hdev, &conn->dst);
80 if (ie) {
41a96212
MH		 81 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
82 cp.pscan_rep_mode = ie->data.pscan_rep_mode;
83 cp.pscan_mode = ie->data.pscan_mode;
84 cp.clock_offset = ie->data.clock_offset |
82781e63 85 __constant_cpu_to_le16(0x8000);
41a96212
MH		 86 }
87
1da177e4 88 memcpy(conn->dev_class, ie->data.dev_class, 3);
58a681ef
JH		 89 if (ie->data.ssp_mode > 0)
90 set_bit(HCI_CONN_SSP_ENABLED, &conn->flags);
1da177e4
LT		 91 }
92
a8746417 93 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 94 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
b6a0dc82 95 cp.role_switch = 0x01;
1da177e4 96 else
b6a0dc82 97 cp.role_switch = 0x00;
4c67bc74 98
a9de9248 99 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
1da177e4
LT		 100}
101
1aef8669 102static void hci_acl_create_connection_cancel(struct hci_conn *conn)
6ac59344
MH		 103{
104 struct hci_cp_create_conn_cancel cp;
105
38b3fef1 106 BT_DBG("hcon %p", conn);
6ac59344 107
d095c1eb 108 if (conn->hdev->hci_ver < BLUETOOTH_VER_1_2)
6ac59344
MH		 109 return;
110
111 bacpy(&cp.bdaddr, &conn->dst);
a9de9248 112 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
6ac59344
MH		 113}
114
93796fa6
CT		 115static void hci_reject_sco(struct hci_conn *conn)
116{
117 struct hci_cp_reject_sync_conn_req cp;
118
119 cp.reason = HCI_ERROR_REMOTE_USER_TERM;
120 bacpy(&cp.bdaddr, &conn->dst);
121
122 hci_send_cmd(conn->hdev, HCI_OP_REJECT_SYNC_CONN_REQ, sizeof(cp), &cp);
123}
124
bed71748 125void hci_disconnect(struct hci_conn *conn, __u8 reason)
1da177e4
LT		 126{
127 struct hci_cp_disconnect cp;
128
38b3fef1 129 BT_DBG("hcon %p", conn);
1da177e4
LT		 130
131 conn->state = BT_DISCONN;
132
aca3192c 133 cp.handle = cpu_to_le16(conn->handle);
1da177e4 134 cp.reason = reason;
a9de9248 135 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
1da177e4
LT		 136}
137
53502d69
AE		 138static void hci_amp_disconn(struct hci_conn *conn, __u8 reason)
139{
140 struct hci_cp_disconn_phy_link cp;
141
142 BT_DBG("hcon %p", conn);
143
144 conn->state = BT_DISCONN;
145
146 cp.phy_handle = HCI_PHY_HANDLE(conn->handle);
147 cp.reason = reason;
148 hci_send_cmd(conn->hdev, HCI_OP_DISCONN_PHY_LINK,
149 sizeof(cp), &cp);
150}
151
57f5d0d1 152static void hci_add_sco(struct hci_conn *conn, __u16 handle)
1da177e4
LT		 153{
154 struct hci_dev *hdev = conn->hdev;
155 struct hci_cp_add_sco cp;
156
38b3fef1 157 BT_DBG("hcon %p", conn);
1da177e4
LT		 158
159 conn->state = BT_CONNECT;
a0c808b3 160 conn->out = true;
1da177e4 161
efc7688b
MH		 162 conn->attempt++;
163
aca3192c 164 cp.handle = cpu_to_le16(handle);
a8746417 165 cp.pkt_type = cpu_to_le16(conn->pkt_type);
1da177e4 166
a9de9248 167 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
1da177e4
LT		 168}
169
2dea632f 170bool hci_setup_sync(struct hci_conn *conn, __u16 handle)
b6a0dc82
MH		 171{
172 struct hci_dev *hdev = conn->hdev;
173 struct hci_cp_setup_sync_conn cp;
2dea632f 174 const struct sco_param *param;
b6a0dc82 175
38b3fef1 176 BT_DBG("hcon %p", conn);
b6a0dc82
MH		 177
178 conn->state = BT_CONNECT;
a0c808b3 179 conn->out = true;
b6a0dc82 180
efc7688b
MH		 181 conn->attempt++;
182
b6a0dc82 183 cp.handle = cpu_to_le16(handle);
b6a0dc82 184
82781e63
AE		 185 cp.tx_bandwidth = __constant_cpu_to_le32(0x00001f40);
186 cp.rx_bandwidth = __constant_cpu_to_le32(0x00001f40);
10c62ddc
FD		 187 cp.voice_setting = cpu_to_le16(conn->setting);
188
189 switch (conn->setting & SCO_AIRMODE_MASK) {
190 case SCO_AIRMODE_TRANSP:
2dea632f
FD		 191 if (conn->attempt > ARRAY_SIZE(sco_param_wideband))
192 return false;
10c62ddc 193 cp.retrans_effort = 0x02;
2dea632f 194 param = &sco_param_wideband[conn->attempt - 1];
10c62ddc
FD		 195 break;
196 case SCO_AIRMODE_CVSD:
2dea632f
FD		 197 if (conn->attempt > ARRAY_SIZE(sco_param_cvsd))
198 return false;
199 cp.retrans_effort = 0x01;
200 param = &sco_param_cvsd[conn->attempt - 1];
10c62ddc 201 break;
2dea632f
FD		 202 default:
203 return false;
10c62ddc 204 }
b6a0dc82 205
2dea632f
FD		 206 cp.pkt_type = __cpu_to_le16(param->pkt_type);
207 cp.max_latency = __cpu_to_le16(param->max_latency);
208
209 if (hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp) < 0)
210 return false;
211
212 return true;
b6a0dc82
MH		 213}
214
2ce603eb 215void hci_le_conn_update(struct hci_conn *conn, u16 min, u16 max,
5974e4c4 216 u16 latency, u16 to_multiplier)
2ce603eb
CT		 217{
218 struct hci_cp_le_conn_update cp;
219 struct hci_dev *hdev = conn->hdev;
220
221 memset(&cp, 0, sizeof(cp));
222
223 cp.handle = cpu_to_le16(conn->handle);
224 cp.conn_interval_min = cpu_to_le16(min);
225 cp.conn_interval_max = cpu_to_le16(max);
226 cp.conn_latency = cpu_to_le16(latency);
227 cp.supervision_timeout = cpu_to_le16(to_multiplier);
d66c2950
MH		 228 cp.min_ce_len = __constant_cpu_to_le16(0x0000);
229 cp.max_ce_len = __constant_cpu_to_le16(0x0000);
2ce603eb
CT		 230
231 hci_send_cmd(hdev, HCI_OP_LE_CONN_UPDATE, sizeof(cp), &cp);
232}
2ce603eb 233
a7a595f6 234void hci_le_start_enc(struct hci_conn *conn, __le16 ediv, __u8 rand[8],
5974e4c4 235 __u8 ltk[16])
a7a595f6
VCG		 236{
237 struct hci_dev *hdev = conn->hdev;
238 struct hci_cp_le_start_enc cp;
239
38b3fef1 240 BT_DBG("hcon %p", conn);
a7a595f6
VCG		 241
242 memset(&cp, 0, sizeof(cp));
243
244 cp.handle = cpu_to_le16(conn->handle);
245 memcpy(cp.ltk, ltk, sizeof(cp.ltk));
246 cp.ediv = ediv;
51beabdf 247 memcpy(cp.rand, rand, sizeof(cp.rand));
a7a595f6
VCG		 248
249 hci_send_cmd(hdev, HCI_OP_LE_START_ENC, sizeof(cp), &cp);
250}
a7a595f6 251
e73439d8
MH		 252/* Device _must_ be locked */
253void hci_sco_setup(struct hci_conn *conn, __u8 status)
254{
255 struct hci_conn *sco = conn->link;
256
e73439d8
MH		 257 if (!sco)
258 return;
259
38b3fef1
AE		 260 BT_DBG("hcon %p", conn);
261
e73439d8
MH		 262 if (!status) {
263 if (lmp_esco_capable(conn->hdev))
264 hci_setup_sync(sco, conn->handle);
265 else
266 hci_add_sco(sco, conn->handle);
267 } else {
268 hci_proto_connect_cfm(sco, status);
269 hci_conn_del(sco);
270 }
271}
272
53502d69
AE		 273static void hci_conn_disconnect(struct hci_conn *conn)
274{
275 __u8 reason = hci_proto_disconn_ind(conn);
276
277 switch (conn->type) {
53502d69
AE		 278 case AMP_LINK:
279 hci_amp_disconn(conn, reason);
280 break;
4c02e2d4 281 default:
bed71748 282 hci_disconnect(conn, reason);
4c02e2d4 283 break;
53502d69
AE		 284 }
285}
286
19c40e3b 287static void hci_conn_timeout(struct work_struct *work)
1da177e4 288{
19c40e3b 289 struct hci_conn *conn = container_of(work, struct hci_conn,
5974e4c4 290 disc_work.work);
1da177e4 291
38b3fef1 292 BT_DBG("hcon %p state %s", conn, state_to_string(conn->state));
1da177e4
LT		 293
294 if (atomic_read(&conn->refcnt))
295 return;
296
6ac59344
MH		 297 switch (conn->state) {
298 case BT_CONNECT:
769be974 299 case BT_CONNECT2:
fcd89c09
VT		 300 if (conn->out) {
301 if (conn->type == ACL_LINK)
1aef8669 302 hci_acl_create_connection_cancel(conn);
fcd89c09 303 else if (conn->type == LE_LINK)
1aef8669 304 hci_le_create_connection_cancel(conn);
93796fa6
CT		 305 } else if (conn->type == SCO_LINK || conn->type == ESCO_LINK) {
306 hci_reject_sco(conn);
fcd89c09 307 }
6ac59344 308 break;
769be974 309 case BT_CONFIG:
8e87d142 310 case BT_CONNECTED:
53502d69 311 hci_conn_disconnect(conn);
6ac59344
MH		 312 break;
313 default:
1da177e4 314 conn->state = BT_CLOSED;
6ac59344
MH		 315 break;
316 }
1da177e4
LT		 317}
318
416dc94b 319/* Enter sniff mode */
a74a84f6 320static void hci_conn_idle(struct work_struct *work)
416dc94b 321{
a74a84f6
JH		 322 struct hci_conn *conn = container_of(work, struct hci_conn,
323 idle_work.work);
416dc94b
GP		 324 struct hci_dev *hdev = conn->hdev;
325
38b3fef1 326 BT_DBG("hcon %p mode %d", conn, conn->mode);
416dc94b
GP		 327
328 if (test_bit(HCI_RAW, &hdev->flags))
329 return;
330
331 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
332 return;
333
334 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
335 return;
336
337 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
338 struct hci_cp_sniff_subrate cp;
339 cp.handle = cpu_to_le16(conn->handle);
82781e63
AE		 340 cp.max_latency = __constant_cpu_to_le16(0);
341 cp.min_remote_timeout = __constant_cpu_to_le16(0);
342 cp.min_local_timeout = __constant_cpu_to_le16(0);
416dc94b
GP		 343 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
344 }
345
51a8efd7 346 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
416dc94b
GP		 347 struct hci_cp_sniff_mode cp;
348 cp.handle = cpu_to_le16(conn->handle);
349 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
350 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
82781e63
AE		 351 cp.attempt = __constant_cpu_to_le16(4);
352 cp.timeout = __constant_cpu_to_le16(1);
416dc94b
GP		 353 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
354 }
355}
356
7bc18d9d 357static void hci_conn_auto_accept(struct work_struct *work)
9f61656a 358{
7bc18d9d
JH		 359 struct hci_conn *conn = container_of(work, struct hci_conn,
360 auto_accept_work.work);
9f61656a 361
7bc18d9d 362 hci_send_cmd(conn->hdev, HCI_OP_USER_CONFIRM_REPLY, sizeof(conn->dst),
5974e4c4 363 &conn->dst);
9f61656a
JH		 364}
365
1da177e4
LT		 366struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
367{
368 struct hci_conn *conn;
369
6ed93dc6 370 BT_DBG("%s dst %pMR", hdev->name, dst);
1da177e4 371
cb601d7e 372 conn = kzalloc(sizeof(struct hci_conn), GFP_KERNEL);
04837f64 373 if (!conn)
1da177e4 374 return NULL;
1da177e4
LT		 375
376 bacpy(&conn->dst, dst);
662e8820 377 bacpy(&conn->src, &hdev->bdaddr);
a8746417
MH		 378 conn->hdev = hdev;
379 conn->type = type;
380 conn->mode = HCI_CM_ACTIVE;
381 conn->state = BT_OPEN;
93f19c9f 382 conn->auth_type = HCI_AT_GENERAL_BONDING;
17fa4b9d 383 conn->io_capability = hdev->io_capability;
a9583556 384 conn->remote_auth = 0xff;
13d39315 385 conn->key_type = 0xff;
1da177e4 386
58a681ef 387 set_bit(HCI_CONN_POWER_SAVE, &conn->flags);
052b30b0 388 conn->disc_timeout = HCI_DISCONN_TIMEOUT;
04837f64 389
a8746417
MH		 390 switch (type) {
391 case ACL_LINK:
392 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
393 break;
394 case SCO_LINK:
395 if (lmp_esco_capable(hdev))
efc7688b
MH		 396 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) |
397 (hdev->esco_type & EDR_ESCO_MASK);
a8746417
MH		 398 else
399 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
400 break;
401 case ESCO_LINK:
efc7688b 402 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK;
a8746417
MH		 403 break;
404 }
405
1da177e4 406 skb_queue_head_init(&conn->data_q);
04837f64 407
70c1f20b 408 INIT_LIST_HEAD(&conn->chan_list);
73d80deb 409
19c40e3b 410 INIT_DELAYED_WORK(&conn->disc_work, hci_conn_timeout);
7bc18d9d 411 INIT_DELAYED_WORK(&conn->auto_accept_work, hci_conn_auto_accept);
a74a84f6 412 INIT_DELAYED_WORK(&conn->idle_work, hci_conn_idle);
1da177e4
LT		 413
414 atomic_set(&conn->refcnt, 0);
415
416 hci_dev_hold(hdev);
417
1da177e4 418 hci_conn_hash_add(hdev, conn);
3c54711c 419 if (hdev->notify)
1da177e4
LT		 420 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
421
a67e899c
MH		 422 hci_conn_init_sysfs(conn);
423
1da177e4
LT		 424 return conn;
425}
426
427int hci_conn_del(struct hci_conn *conn)
428{
429 struct hci_dev *hdev = conn->hdev;
430
38b3fef1 431 BT_DBG("%s hcon %p handle %d", hdev->name, conn, conn->handle);
1da177e4 432
19c40e3b 433 cancel_delayed_work_sync(&conn->disc_work);
7bc18d9d 434 cancel_delayed_work_sync(&conn->auto_accept_work);
a74a84f6 435 cancel_delayed_work_sync(&conn->idle_work);
9f61656a 436
5b7f9909 437 if (conn->type == ACL_LINK) {
1da177e4
LT		 438 struct hci_conn *sco = conn->link;
439 if (sco)
440 sco->link = NULL;
441
442 /* Unacked frames */
443 hdev->acl_cnt += conn->sent;
6ed58ec5
VT		 444 } else if (conn->type == LE_LINK) {
445 if (hdev->le_pkts)
446 hdev->le_cnt += conn->sent;
447 else
448 hdev->acl_cnt += conn->sent;
5b7f9909
MH		 449 } else {
450 struct hci_conn *acl = conn->link;
451 if (acl) {
452 acl->link = NULL;
76a68ba0 453 hci_conn_drop(acl);
5b7f9909 454 }
1da177e4
LT		 455 }
456
2c33c06a 457 hci_chan_list_flush(conn);
73d80deb 458
9740e49d
AE		 459 if (conn->amp_mgr)
460 amp_mgr_put(conn->amp_mgr);
461
1da177e4 462 hci_conn_hash_del(hdev, conn);
3c54711c 463 if (hdev->notify)
1da177e4 464 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
7d0db0a3 465
1da177e4 466 skb_queue_purge(&conn->data_q);
1da177e4 467
fc225c3f 468 hci_conn_del_sysfs(conn);
2ae9a6be 469
384943ec
MH		 470 hci_dev_put(hdev);
471
8d12356f 472 hci_conn_put(conn);
163f4dab 473
1da177e4
LT		 474 return 0;
475}
476
477struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
478{
479 int use_src = bacmp(src, BDADDR_ANY);
8035ded4 480 struct hci_dev *hdev = NULL, *d;
1da177e4 481
6ed93dc6 482 BT_DBG("%pMR -> %pMR", src, dst);
1da177e4 483
f20d09d5 484 read_lock(&hci_dev_list_lock);
1da177e4 485
8035ded4 486 list_for_each_entry(d, &hci_dev_list, list) {
8fc9ced3 487 if (!test_bit(HCI_UP, &d->flags) ||
d300fa9b 488 test_bit(HCI_RAW, &d->flags) ||
af750e94 489 test_bit(HCI_USER_CHANNEL, &d->dev_flags) ||
d300fa9b 490 d->dev_type != HCI_BREDR)
1da177e4
LT		 491 continue;
492
8e87d142 493 /* Simple routing:
1da177e4
LT		 494 * No source address - find interface with bdaddr != dst
495 * Source address - find interface with bdaddr == src
496 */
497
498 if (use_src) {
499 if (!bacmp(&d->bdaddr, src)) {
500 hdev = d; break;
501 }
502 } else {
503 if (bacmp(&d->bdaddr, dst)) {
504 hdev = d; break;
505 }
506 }
507 }
508
509 if (hdev)
510 hdev = hci_dev_hold(hdev);
511
f20d09d5 512 read_unlock(&hci_dev_list_lock);
1da177e4
LT		 513 return hdev;
514}
515EXPORT_SYMBOL(hci_get_route);
516
9bb3c01f 517/* This function requires the caller holds hdev->lock */
06c053fb 518void hci_le_conn_failed(struct hci_conn *conn, u8 status)
9bb3c01f
AG		 519{
520 struct hci_dev *hdev = conn->hdev;
521
522 conn->state = BT_CLOSED;
523
524 mgmt_connect_failed(hdev, &conn->dst, conn->type, conn->dst_type,
525 status);
526
527 hci_proto_connect_cfm(conn, status);
528
529 hci_conn_del(conn);
530}
531
1d399ae5
AG		 532static void create_le_conn_complete(struct hci_dev *hdev, u8 status)
533{
534 struct hci_conn *conn;
535
536 if (status == 0)
537 return;
538
539 BT_ERR("HCI request failed to create LE connection: status 0x%2.2x",
540 status);
541
542 hci_dev_lock(hdev);
543
544 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
545 if (!conn)
546 goto done;
547
06c053fb 548 hci_le_conn_failed(conn, status);
1d399ae5
AG		 549
550done:
551 hci_dev_unlock(hdev);
552}
553
2acf3d90
AG		 554static void hci_req_add_le_create_conn(struct hci_request *req,
555 struct hci_conn *conn)
556{
557 struct hci_cp_le_create_conn cp;
558 struct hci_dev *hdev = conn->hdev;
559 u8 own_addr_type;
560
561 memset(&cp, 0, sizeof(cp));
562
563 /* Update random address, but set require_privacy to false so
564 * that we never connect with an unresolvable address.
565 */
566 if (hci_update_random_address(req, false, &own_addr_type))
567 return;
568
569 /* Save the address type used for this connnection attempt so we able
570 * to retrieve this information if we need it.
571 */
572 conn->src_type = own_addr_type;
573
574 cp.scan_interval = cpu_to_le16(hdev->le_scan_interval);
575 cp.scan_window = cpu_to_le16(hdev->le_scan_window);
576 bacpy(&cp.peer_addr, &conn->dst);
577 cp.peer_addr_type = conn->dst_type;
578 cp.own_address_type = own_addr_type;
579 cp.conn_interval_min = cpu_to_le16(conn->le_conn_min_interval);
580 cp.conn_interval_max = cpu_to_le16(conn->le_conn_max_interval);
581 cp.supervision_timeout = __constant_cpu_to_le16(0x002a);
582 cp.min_ce_len = __constant_cpu_to_le16(0x0000);
583 cp.max_ce_len = __constant_cpu_to_le16(0x0000);
584
585 hci_req_add(req, HCI_OP_LE_CREATE_CONN, sizeof(cp), &cp);
586}
587
588static void stop_scan_complete(struct hci_dev *hdev, u8 status)
589{
590 struct hci_request req;
591 struct hci_conn *conn;
592 int err;
593
594 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
595 if (!conn)
596 return;
597
598 if (status) {
599 BT_DBG("HCI request failed to stop scanning: status 0x%2.2x",
600 status);
601
602 hci_dev_lock(hdev);
603 hci_le_conn_failed(conn, status);
604 hci_dev_unlock(hdev);
605 return;
606 }
607
608 /* Since we may have prematurely stopped discovery procedure, we should
609 * update discovery state.
610 */
611 cancel_delayed_work(&hdev->le_scan_disable);
612 hci_discovery_set_state(hdev, DISCOVERY_STOPPED);
613
614 hci_req_init(&req, hdev);
615
616 hci_req_add_le_create_conn(&req, conn);
617
618 err = hci_req_run(&req, create_le_conn_complete);
619 if (err) {
620 hci_dev_lock(hdev);
621 hci_le_conn_failed(conn, HCI_ERROR_MEMORY_EXCEEDED);
622 hci_dev_unlock(hdev);
623 return;
624 }
625}
626
d04aef4c
VCG		 627static struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst,
628 u8 dst_type, u8 sec_level, u8 auth_type)
1da177e4 629{
4292f1f3 630 struct hci_conn_params *params;
f1e5d547 631 struct hci_conn *conn;
1ebfcc1f 632 struct smp_irk *irk;
2acf3d90 633 struct hci_request req;
1d399ae5 634 int err;
1da177e4 635
f3d3444a 636 if (test_bit(HCI_ADVERTISING, &hdev->flags))
f1550478
JH		 637 return ERR_PTR(-ENOTSUPP);
638
620ad521
AG		 639 /* Some devices send ATT messages as soon as the physical link is
640 * established. To be able to handle these ATT messages, the user-
641 * space first establishes the connection and then starts the pairing
642 * process.
643 *
644 * So if a hci_conn object already exists for the following connection
645 * attempt, we simply update pending_sec_level and auth_type fields
646 * and return the object found.
647 */
f1e5d547 648 conn = hci_conn_hash_lookup_ba(hdev, LE_LINK, dst);
620ad521
AG		 649 if (conn) {
650 conn->pending_sec_level = sec_level;
651 conn->auth_type = auth_type;
652 goto done;
653 }
dfc94dbd 654
620ad521
AG		 655 /* Since the controller supports only one LE connection attempt at a
656 * time, we return -EBUSY if there is any connection attempt running.
657 */
658 conn = hci_conn_hash_lookup_state(hdev, LE_LINK, BT_CONNECT);
659 if (conn)
660 return ERR_PTR(-EBUSY);
46a190cb 661
1ebfcc1f
JH		 662 /* Convert from L2CAP channel address type to HCI address type */
663 if (dst_type == BDADDR_LE_PUBLIC)
664 dst_type = ADDR_LE_DEV_PUBLIC;
665 else
666 dst_type = ADDR_LE_DEV_RANDOM;
667
edb4b466
MH		 668 /* When given an identity address with existing identity
669 * resolving key, the connection needs to be established
670 * to a resolvable random address.
671 *
672 * This uses the cached random resolvable address from
673 * a previous scan. When no cached address is available,
674 * try connecting to the identity address instead.
675 *
676 * Storing the resolvable random address is required here
677 * to handle connection failures. The address will later
678 * be resolved back into the original identity address
679 * from the connect request.
680 */
1ebfcc1f
JH		 681 irk = hci_find_irk_by_addr(hdev, dst, dst_type);
682 if (irk && bacmp(&irk->rpa, BDADDR_ANY)) {
683 dst = &irk->rpa;
684 dst_type = ADDR_LE_DEV_RANDOM;
685 }
686
620ad521
AG		 687 conn = hci_conn_add(hdev, LE_LINK, dst);
688 if (!conn)
689 return ERR_PTR(-ENOMEM);
9f0caeb1 690
1ebfcc1f 691 conn->dst_type = dst_type;
e7c4096e 692
620ad521
AG		 693 conn->state = BT_CONNECT;
694 conn->out = true;
695 conn->link_mode |= HCI_LM_MASTER;
696 conn->sec_level = BT_SECURITY_LOW;
f1e5d547
AG		 697 conn->pending_sec_level = sec_level;
698 conn->auth_type = auth_type;
4292f1f3
AG		 699
700 params = hci_conn_params_lookup(hdev, &conn->dst, conn->dst_type);
701 if (params) {
702 conn->le_conn_min_interval = params->conn_min_interval;
703 conn->le_conn_max_interval = params->conn_max_interval;
704 } else {
705 conn->le_conn_min_interval = hdev->le_conn_min_interval;
706 conn->le_conn_max_interval = hdev->le_conn_max_interval;
707 }
eda42b50 708
2acf3d90
AG		 709 hci_req_init(&req, hdev);
710
711 /* If controller is scanning, we stop it since some controllers are
712 * not able to scan and connect at the same time.
713 */
714 if (test_bit(HCI_LE_SCAN, &hdev->dev_flags)) {
715 hci_req_add_le_scan_disable(&req);
716 err = hci_req_run(&req, stop_scan_complete);
717 } else {
718 hci_req_add_le_create_conn(&req, conn);
719 err = hci_req_run(&req, create_le_conn_complete);
720 }
721
722 if (err) {
723 hci_conn_del(conn);
620ad521 724 return ERR_PTR(err);
2acf3d90 725 }
fcd89c09 726
620ad521
AG		 727done:
728 hci_conn_hold(conn);
f1e5d547 729 return conn;
d04aef4c 730}
fcd89c09 731
db474275
VCG		 732static struct hci_conn *hci_connect_acl(struct hci_dev *hdev, bdaddr_t *dst,
733 u8 sec_level, u8 auth_type)
1da177e4
LT		 734{
735 struct hci_conn *acl;
fcd89c09 736
56f87901
JH		 737 if (!test_bit(HCI_BREDR_ENABLED, &hdev->dev_flags))
738 return ERR_PTR(-ENOTSUPP);
739
70f23020
AE		 740 acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst);
741 if (!acl) {
742 acl = hci_conn_add(hdev, ACL_LINK, dst);
743 if (!acl)
48c7aba9 744 return ERR_PTR(-ENOMEM);
1da177e4
LT		 745 }
746
747 hci_conn_hold(acl);
748
09ab6f4c 749 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
765c2a96
JH		 750 acl->sec_level = BT_SECURITY_LOW;
751 acl->pending_sec_level = sec_level;
09ab6f4c 752 acl->auth_type = auth_type;
1aef8669 753 hci_acl_create_connection(acl);
09ab6f4c 754 }
1da177e4 755
db474275
VCG		 756 return acl;
757}
758
10c62ddc
FD		 759struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type, bdaddr_t *dst,
760 __u16 setting)
db474275
VCG		 761{
762 struct hci_conn *acl;
763 struct hci_conn *sco;
764
e660ed6c 765 acl = hci_connect_acl(hdev, dst, BT_SECURITY_LOW, HCI_AT_NO_BONDING);
db474275 766 if (IS_ERR(acl))
5b7f9909 767 return acl;
1da177e4 768
70f23020
AE		 769 sco = hci_conn_hash_lookup_ba(hdev, type, dst);
770 if (!sco) {
771 sco = hci_conn_add(hdev, type, dst);
772 if (!sco) {
76a68ba0 773 hci_conn_drop(acl);
48c7aba9 774 return ERR_PTR(-ENOMEM);
1da177e4 775 }
5b7f9909 776 }
1da177e4 777
5b7f9909
MH		 778 acl->link = sco;
779 sco->link = acl;
1da177e4 780
5b7f9909 781 hci_conn_hold(sco);
1da177e4 782
10c62ddc
FD		 783 sco->setting = setting;
784
5b7f9909 785 if (acl->state == BT_CONNECTED &&
5974e4c4 786 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
58a681ef 787 set_bit(HCI_CONN_POWER_SAVE, &acl->flags);
14b12d0b 788 hci_conn_enter_active_mode(acl, BT_POWER_FORCE_ACTIVE_ON);
c390216b 789
51a8efd7 790 if (test_bit(HCI_CONN_MODE_CHANGE_PEND, &acl->flags)) {
e73439d8 791 /* defer SCO setup until mode change completed */
51a8efd7 792 set_bit(HCI_CONN_SCO_SETUP_PEND, &acl->flags);
e73439d8
MH		 793 return sco;
794 }
795
796 hci_sco_setup(acl, 0x00);
b6a0dc82 797 }
5b7f9909
MH		 798
799 return sco;
1da177e4 800}
1da177e4 801
b7d839bf
VCG		 802/* Create SCO, ACL or LE connection. */
803struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst,
804 __u8 dst_type, __u8 sec_level, __u8 auth_type)
805{
6ed93dc6 806 BT_DBG("%s dst %pMR type 0x%x", hdev->name, dst, type);
b7d839bf 807
4cd2d983
VCG		 808 switch (type) {
809 case LE_LINK:
b7d839bf 810 return hci_connect_le(hdev, dst, dst_type, sec_level, auth_type);
4cd2d983 811 case ACL_LINK:
b7d839bf 812 return hci_connect_acl(hdev, dst, sec_level, auth_type);
4cd2d983 813 }
b7d839bf 814
4cd2d983 815 return ERR_PTR(-EINVAL);
b7d839bf
VCG		 816}
817
e7c29cb1
MH		 818/* Check link security requirement */
819int hci_conn_check_link_mode(struct hci_conn *conn)
820{
38b3fef1 821 BT_DBG("hcon %p", conn);
e7c29cb1 822
aa64a8b5 823 if (hci_conn_ssp_enabled(conn) && !(conn->link_mode & HCI_LM_ENCRYPT))
e7c29cb1
MH		 824 return 0;
825
826 return 1;
827}
e7c29cb1 828
1da177e4 829/* Authenticate remote device */
0684e5f9 830static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4 831{
38b3fef1 832 BT_DBG("hcon %p", conn);
1da177e4 833
765c2a96
JH		 834 if (conn->pending_sec_level > sec_level)
835 sec_level = conn->pending_sec_level;
836
96a31833 837 if (sec_level > conn->sec_level)
765c2a96 838 conn->pending_sec_level = sec_level;
96a31833 839 else if (conn->link_mode & HCI_LM_AUTH)
1da177e4
LT		 840 return 1;
841
65cf686e
JH		 842 /* Make sure we preserve an existing MITM requirement*/
843 auth_type |= (conn->auth_type & 0x01);
844
96a31833
MH		 845 conn->auth_type = auth_type;
846
51a8efd7 847 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1da177e4 848 struct hci_cp_auth_requested cp;
b7d05bad
PH		 849
850 /* encrypt must be pending if auth is also pending */
851 set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags);
852
aca3192c 853 cp.handle = cpu_to_le16(conn->handle);
40be492f 854 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
5974e4c4 855 sizeof(cp), &cp);
19f8def0 856 if (conn->key_type != 0xff)
51a8efd7 857 set_bit(HCI_CONN_REAUTH_PEND, &conn->flags);
1da177e4 858 }
8c1b2355 859
1da177e4
LT		 860 return 0;
861}
1da177e4 862
13d39315
WR		 863/* Encrypt the the link */
864static void hci_conn_encrypt(struct hci_conn *conn)
865{
38b3fef1 866 BT_DBG("hcon %p", conn);
13d39315 867
51a8efd7 868 if (!test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) {
13d39315
WR		 869 struct hci_cp_set_conn_encrypt cp;
870 cp.handle = cpu_to_le16(conn->handle);
871 cp.encrypt = 0x01;
872 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, sizeof(cp),
5974e4c4 873 &cp);
13d39315
WR		 874 }
875}
876
8c1b2355 877/* Enable security */
0684e5f9 878int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
1da177e4 879{
38b3fef1 880 BT_DBG("hcon %p", conn);
1da177e4 881
d8343f12
VCG		 882 if (conn->type == LE_LINK)
883 return smp_conn_security(conn, sec_level);
884
13d39315 885 /* For sdp we don't need the link key. */
8c1b2355
MH		 886 if (sec_level == BT_SECURITY_SDP)
887 return 1;
888
13d39315
WR		 889 /* For non 2.1 devices and low security level we don't need the link
890 key. */
aa64a8b5 891 if (sec_level == BT_SECURITY_LOW && !hci_conn_ssp_enabled(conn))
3fdca1e1 892 return 1;
8c1b2355 893
13d39315
WR		 894 /* For other security levels we need the link key. */
895 if (!(conn->link_mode & HCI_LM_AUTH))
896 goto auth;
897
7b5a9241
MH		 898 /* An authenticated FIPS approved combination key has sufficient
899 * security for security level 4. */
900 if (conn->key_type == HCI_LK_AUTH_COMBINATION_P256 &&
901 sec_level == BT_SECURITY_FIPS)
902 goto encrypt;
903
904 /* An authenticated combination key has sufficient security for
905 security level 3. */
906 if ((conn->key_type == HCI_LK_AUTH_COMBINATION_P192 ||
907 conn->key_type == HCI_LK_AUTH_COMBINATION_P256) &&
908 sec_level == BT_SECURITY_HIGH)
13d39315
WR		 909 goto encrypt;
910
911 /* An unauthenticated combination key has sufficient security for
912 security level 1 and 2. */
66138ce8
MH		 913 if ((conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 ||
914 conn->key_type == HCI_LK_UNAUTH_COMBINATION_P256) &&
5974e4c4 915 (sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
13d39315
WR		 916 goto encrypt;
917
918 /* A combination key has always sufficient security for the security
919 levels 1 or 2. High security level requires the combination key
920 is generated using maximum PIN code length (16).
921 For pre 2.1 units. */
922 if (conn->key_type == HCI_LK_COMBINATION &&
7b5a9241
MH		 923 (sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW ||
924 conn->pin_length == 16))
13d39315
WR		 925 goto encrypt;
926
927auth:
51a8efd7 928 if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags))
1da177e4
LT		 929 return 0;
930
6fdf658c
LAD		 931 if (!hci_conn_auth(conn, sec_level, auth_type))
932 return 0;
13d39315
WR		 933
934encrypt:
935 if (conn->link_mode & HCI_LM_ENCRYPT)
936 return 1;
8c1b2355 937
13d39315 938 hci_conn_encrypt(conn);
1da177e4
LT		 939 return 0;
940}
8c1b2355 941EXPORT_SYMBOL(hci_conn_security);
1da177e4 942
b3b1b061
WR		 943/* Check secure link requirement */
944int hci_conn_check_secure(struct hci_conn *conn, __u8 sec_level)
945{
38b3fef1 946 BT_DBG("hcon %p", conn);
b3b1b061 947
9cb2e030
MH		 948 /* Accept if non-secure or higher security level is required */
949 if (sec_level != BT_SECURITY_HIGH && sec_level != BT_SECURITY_FIPS)
950 return 1;
b3b1b061 951
9cb2e030
MH		 952 /* Accept if secure or higher security level is already present */
953 if (conn->sec_level == BT_SECURITY_HIGH ||
954 conn->sec_level == BT_SECURITY_FIPS)
b3b1b061
WR		 955 return 1;
956
9cb2e030
MH		 957 /* Reject not secure link */
958 return 0;
b3b1b061
WR		 959}
960EXPORT_SYMBOL(hci_conn_check_secure);
961
1da177e4
LT		 962/* Change link key */
963int hci_conn_change_link_key(struct hci_conn *conn)
964{
38b3fef1 965 BT_DBG("hcon %p", conn);
1da177e4 966
51a8efd7 967 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->flags)) {
1da177e4 968 struct hci_cp_change_conn_link_key cp;
aca3192c 969 cp.handle = cpu_to_le16(conn->handle);
40be492f 970 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
5974e4c4 971 sizeof(cp), &cp);
1da177e4 972 }
8c1b2355 973
1da177e4
LT		 974 return 0;
975}
1da177e4
LT		 976
977/* Switch role */
8c1b2355 978int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
1da177e4 979{
38b3fef1 980 BT_DBG("hcon %p", conn);
1da177e4
LT		 981
982 if (!role && conn->link_mode & HCI_LM_MASTER)
983 return 1;
984
51a8efd7 985 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->flags)) {
1da177e4
LT		 986 struct hci_cp_switch_role cp;
987 bacpy(&cp.bdaddr, &conn->dst);
988 cp.role = role;
a9de9248 989 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
1da177e4 990 }
8c1b2355 991
1da177e4
LT		 992 return 0;
993}
994EXPORT_SYMBOL(hci_conn_switch_role);
995
04837f64 996/* Enter active mode */
14b12d0b 997void hci_conn_enter_active_mode(struct hci_conn *conn, __u8 force_active)
04837f64
MH		 998{
999 struct hci_dev *hdev = conn->hdev;
1000
38b3fef1 1001 BT_DBG("hcon %p mode %d", conn, conn->mode);
04837f64
MH		 1002
1003 if (test_bit(HCI_RAW, &hdev->flags))
1004 return;
1005
14b12d0b
JG		 1006 if (conn->mode != HCI_CM_SNIFF)
1007 goto timer;
1008
58a681ef 1009 if (!test_bit(HCI_CONN_POWER_SAVE, &conn->flags) && !force_active)
04837f64
MH		 1010 goto timer;
1011
51a8efd7 1012 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->flags)) {
04837f64 1013 struct hci_cp_exit_sniff_mode cp;
aca3192c 1014 cp.handle = cpu_to_le16(conn->handle);
a9de9248 1015 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
04837f64
MH		 1016 }
1017
1018timer:
1019 if (hdev->idle_timeout > 0)
a74a84f6
JH		 1020 queue_delayed_work(hdev->workqueue, &conn->idle_work,
1021 msecs_to_jiffies(hdev->idle_timeout));
04837f64
MH		 1022}
1023
1da177e4
LT		 1024/* Drop all connection on the device */
1025void hci_conn_hash_flush(struct hci_dev *hdev)
1026{
1027 struct hci_conn_hash *h = &hdev->conn_hash;
3c4e0df0 1028 struct hci_conn *c, *n;
1da177e4
LT		 1029
1030 BT_DBG("hdev %s", hdev->name);
1031
3c4e0df0 1032 list_for_each_entry_safe(c, n, &h->list, list) {
1da177e4
LT		 1033 c->state = BT_CLOSED;
1034
9f5a0d7b 1035 hci_proto_disconn_cfm(c, HCI_ERROR_LOCAL_HOST_TERM);
1da177e4
LT		 1036 hci_conn_del(c);
1037 }
1038}
1039
a9de9248
MH		 1040/* Check pending connect attempts */
1041void hci_conn_check_pending(struct hci_dev *hdev)
1042{
1043 struct hci_conn *conn;
1044
1045 BT_DBG("hdev %s", hdev->name);
1046
1047 hci_dev_lock(hdev);
1048
1049 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
1050 if (conn)
1aef8669 1051 hci_acl_create_connection(conn);
a9de9248
MH		 1052
1053 hci_dev_unlock(hdev);
1054}
1055
1da177e4
LT		 1056int hci_get_conn_list(void __user *arg)
1057{
fc5fef61 1058 struct hci_conn *c;
1da177e4
LT		 1059 struct hci_conn_list_req req, *cl;
1060 struct hci_conn_info *ci;
1061 struct hci_dev *hdev;
1da177e4
LT		 1062 int n = 0, size, err;
1063
1064 if (copy_from_user(&req, arg, sizeof(req)))
1065 return -EFAULT;
1066
1067 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
1068 return -EINVAL;
1069
1070 size = sizeof(req) + req.conn_num * sizeof(*ci);
1071
70f23020
AE		 1072 cl = kmalloc(size, GFP_KERNEL);
1073 if (!cl)
1da177e4
LT		 1074 return -ENOMEM;
1075
70f23020
AE		 1076 hdev = hci_dev_get(req.dev_id);
1077 if (!hdev) {
1da177e4
LT		 1078 kfree(cl);
1079 return -ENODEV;
1080 }
1081
1082 ci = cl->conn_info;
1083
09fd0de5 1084 hci_dev_lock(hdev);
8035ded4 1085 list_for_each_entry(c, &hdev->conn_hash.list, list) {
1da177e4
LT		 1086 bacpy(&(ci + n)->bdaddr, &c->dst);
1087 (ci + n)->handle = c->handle;
1088 (ci + n)->type = c->type;
1089 (ci + n)->out = c->out;
1090 (ci + n)->state = c->state;
1091 (ci + n)->link_mode = c->link_mode;
1092 if (++n >= req.conn_num)
1093 break;
1094 }
09fd0de5 1095 hci_dev_unlock(hdev);
1da177e4
LT		 1096
1097 cl->dev_id = hdev->id;
1098 cl->conn_num = n;
1099 size = sizeof(req) + n * sizeof(*ci);
1100
1101 hci_dev_put(hdev);
1102
1103 err = copy_to_user(arg, cl, size);
1104 kfree(cl);
1105
1106 return err ? -EFAULT : 0;
1107}
1108
1109int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
1110{
1111 struct hci_conn_info_req req;
1112 struct hci_conn_info ci;
1113 struct hci_conn *conn;
1114 char __user *ptr = arg + sizeof(req);
1115
1116 if (copy_from_user(&req, arg, sizeof(req)))
1117 return -EFAULT;
1118
09fd0de5 1119 hci_dev_lock(hdev);
1da177e4
LT		 1120 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
1121 if (conn) {
1122 bacpy(&ci.bdaddr, &conn->dst);
1123 ci.handle = conn->handle;
1124 ci.type = conn->type;
1125 ci.out = conn->out;
1126 ci.state = conn->state;
1127 ci.link_mode = conn->link_mode;
1128 }
09fd0de5 1129 hci_dev_unlock(hdev);
1da177e4
LT		 1130
1131 if (!conn)
1132 return -ENOENT;
1133
1134 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
1135}
40be492f
MH		 1136
1137int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
1138{
1139 struct hci_auth_info_req req;
1140 struct hci_conn *conn;
1141
1142 if (copy_from_user(&req, arg, sizeof(req)))
1143 return -EFAULT;
1144
09fd0de5 1145 hci_dev_lock(hdev);
40be492f
MH		 1146 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
1147 if (conn)
1148 req.type = conn->auth_type;
09fd0de5 1149 hci_dev_unlock(hdev);
40be492f
MH		 1150
1151 if (!conn)
1152 return -ENOENT;
1153
1154 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
1155}
73d80deb
LAD		 1156
1157struct hci_chan *hci_chan_create(struct hci_conn *conn)
1158{
1159 struct hci_dev *hdev = conn->hdev;
1160 struct hci_chan *chan;
1161
38b3fef1 1162 BT_DBG("%s hcon %p", hdev->name, conn);
73d80deb 1163
75d7735c 1164 chan = kzalloc(sizeof(struct hci_chan), GFP_KERNEL);
73d80deb
LAD		 1165 if (!chan)
1166 return NULL;
1167
1168 chan->conn = conn;
1169 skb_queue_head_init(&chan->data_q);
168df8e5 1170 chan->state = BT_CONNECTED;
73d80deb 1171
8192edef 1172 list_add_rcu(&chan->list, &conn->chan_list);
73d80deb
LAD		 1173
1174 return chan;
1175}
1176
9472007c 1177void hci_chan_del(struct hci_chan *chan)
73d80deb
LAD		 1178{
1179 struct hci_conn *conn = chan->conn;
1180 struct hci_dev *hdev = conn->hdev;
1181
38b3fef1 1182 BT_DBG("%s hcon %p chan %p", hdev->name, conn, chan);
73d80deb 1183
8192edef
GP		 1184 list_del_rcu(&chan->list);
1185
1186 synchronize_rcu();
73d80deb 1187
76a68ba0 1188 hci_conn_drop(conn);
e9b02748 1189
73d80deb
LAD		 1190 skb_queue_purge(&chan->data_q);
1191 kfree(chan);
73d80deb
LAD		 1192}
1193
2c33c06a 1194void hci_chan_list_flush(struct hci_conn *conn)
73d80deb 1195{
2a5a5ec6 1196 struct hci_chan *chan, *n;
73d80deb 1197
38b3fef1 1198 BT_DBG("hcon %p", conn);
73d80deb 1199
2a5a5ec6 1200 list_for_each_entry_safe(chan, n, &conn->chan_list, list)
73d80deb
LAD		 1201 hci_chan_del(chan);
1202}
42c4e53e
AE		 1203
1204static struct hci_chan *__hci_chan_lookup_handle(struct hci_conn *hcon,
1205 __u16 handle)
1206{
1207 struct hci_chan *hchan;
1208
1209 list_for_each_entry(hchan, &hcon->chan_list, list) {
1210 if (hchan->handle == handle)
1211 return hchan;
1212 }
1213
1214 return NULL;
1215}
1216
1217struct hci_chan *hci_chan_lookup_handle(struct hci_dev *hdev, __u16 handle)
1218{
1219 struct hci_conn_hash *h = &hdev->conn_hash;
1220 struct hci_conn *hcon;
1221 struct hci_chan *hchan = NULL;
1222
1223 rcu_read_lock();
1224
1225 list_for_each_entry_rcu(hcon, &h->list, list) {
1226 hchan = __hci_chan_lookup_handle(hcon, handle);
1227 if (hchan)
1228 break;
1229 }
1230
1231 rcu_read_unlock();
1232
1233 return hchan;
1234}
Linux 6.x block layer and io_uring tree(s)